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DETAILED ACTION 
Response to Arguments 

. 1. Applicant's arguments with respect to claims 1-8,10-16,18-24 have been 
considered but are moot in view of the new ground(s) of rejection. 

Drawings 

2. The drawings are objected to under 37 CFR 1 .83(a). The drawings must show 
every feature of the invention specified in the claims. Therefore, the method including 
"maintaining a plurality of routing tables "receiving a packet "receiving a default 
route ..." and "updating each of the plurality of routing tables to include the default route 
..." (all in claim 1) must be shown or the feature(s) canceled from the claim(s). No new 
matter should be entered. 

Claim Objections 

3. Claims 2,8,10,13-16,19,21 are objected to because of the following informalities: 
With regard to claim 2, Examiner suggests replacing "the virtual private networks" 

in lines 1-2 with "the plurality of virtual private networks" in consistent with "a plurality of 
virtual private networks" in claim 1, line 4. 

With regard to claim 8, Examiner suggests replacing "the virtual private networks" 
in line 2 with "the plurality of virtual private networks" in consistent with "a plurality of 
virtual private networks" in claim 7, line 4. 
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With regard to claim 10, Examiner suggests replacing "the routing tables" in line 
14 with "the plurality of routing tables" in consistent with "a plurality of routing tables" in 
line 3. 

With regard to claim 13, Examiner suggests replacing "the routing tables in line 2 
and in line 3 with "the plurality of routing tables" in consistent with "a plurality of routing 
tables" in claim 12, line 3. 

With regard to claim 14, Examiner suggests replacing "the sets of routing, 
information" in line 10 with "the plurality of sets of routing information" in consistent with 
"a plurality of sets of routing information" in line 3. 

With regard to claim 15, Examiner suggests replacing "the sets of routing 
information" in lines 1-2 with "the plurality of sets of routing information" in consistent 
with "a plurality of sets of routing information" in claim 14, line 3. 

With regard to claim 16, Examiner suggests replacing "the sets of routing 
information" in lines 1-2 with "the plurality of sets of routing information" in consistent 
with "a plurality of sets of routing information" in claim 14, line 3. 

With regard to claim 19, Examiner suggests replacing "the virtual private 
networks" in lines 2-3 with "the plurality of virtual private networks" in consistent with "a 
plurality of virtual private network" in claim 14, line 4. 

With regard to claim 21, Examiner suggests replacing "the virtual private 
networks" in line 4 with "the plurality of virtual private networks" in consistent with "a 
plurality of virtual private network" in claim 14, line 4. 

Appropriate correction is required. 
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Claim Rejections - 35 USC § 103 

4. The text of those sections of Title 35, U.S. Code not included in this action can 
be found in a prior Office action. 

5. Claims 1-5,14,15,21-24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Basso et al. (US 2004/0174879) in view of RFC 2663 (IP NAT). 

With regard to claims 1,14,22-24, Basso discloses NAT translation comprising: 
maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 

i 

table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 
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identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 

However, Basso fails to explicitly show receiving a default route advertised by a network 
device providing one or more shared services, wherein each of the shared services is 
available to each of the plurality of virtual private networks; and updating each of the 
plurality of routing tables to include the default route to the network device providing one 
or more shared services available to each of the plurality of virtual private networks. 

RFC 2663 discloses NAT translation comprising receiving a default route (it is 
inherent that there is at least one established route) advertised (advertised) by a 
network device (network from the external realm) providing one or more shared 
services (network from the external realm may be advertised within the private 
network, Section 4.1. Traditional NAT) (See also Section 2.7. External network) 
and updating each of the plurality of routing tables to include the default route 
(updating routing table is inherent in NAT). 
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At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine receiving a default route advertised by a network device and 
updating each of the plurality of routing tables to include the default route as taught in 
RFC 2663 with Basso, to provide for transparent routing. RFC 2663, Section 2.2. 

With regard to claim 2, Basso further discloses the method as recited in claim 1 . 
Basso further discloses a different customer (Site 1 can be an organization's private 
network, Site 2 can be a remote office in London, para. [0006]). 

With regard to claim 3, Basso further discloses the method as recited in claim 1. 
Basso further discloses an ingress interface of a service provider network (ingress 
LER, para. [0025]). 

With regard to claim 4, Basso further discloses the method as recited in claim 1 . 
Basso further discloses an egress interface of a service provider network (egress LER, 
para. [0025]). 

With regard to claim 5, Basso further discloses the method as recited in claim 1 . 
Basso further discloses network devices (ingress point border device 104, egress 
point border device 106, LERs, para. [0007]) associated with a service provider 
network (network 100 in Fig. 1, para. [0007]). 
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With regard to claim 6, Basso discloses NAT translation comprising: 

maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 
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routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 

However, Basso fails to explicitly show translating the IP source address from a private 
address to a public address when the packet is received from a network device in a 
private network. 

RFC 2663 discloses translating the IP source address from a private address 
(private network) to a public address (external network) when the packet is received 
from a network device in a private network (hosts in a private network) ("[IP] 
Address translation allows hosts in a private network to transparently 
communicate with destinations on an external network and vice versa", 1. 
Introduction). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine translating the IP source address from a private address to a 
public address when the packet is received from a network device in a private network 
as taught in RFC 2663 with Basso, to provide for transparent routing. RFC 2663, 
Section 2.2. 

With regard to claim 7, Basso discloses NAT translation comprising: 
maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
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with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP.source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); and 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]). 
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However, Basso fails to explicitly show translating the IP source address from a public 
address to a private address when the packet is received from a network device in a 
public network. 

RFC 2663 discloses translating the IP source address from a public address 
(external network) to a private address (private network) when the packet is received 
from a network device in a public network (vice versa) ("[IP] Address translation 
allows hosts in a private network to transparently communicate with destinations 
on an external network and vice versa", 1. Introduction). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine translating the IP source address from a public address to a 
private address when the packet is received from a network device in a public network 
as taught in RFC 2663 with Basso, to provide for transparent routing. RFC 2663, 
Section 2.2. 

With regard to claim 15, Basso further discloses each of the sets of routing 
information corresponding to each virtual private network is stored in a separate routing 
table (a plurality of routing tables, para. [0028]). 

With. regard to claim 21, the combination of Basso and RFC 2663 discloses the 
method as recited in claim 14. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine updating each of the plurality of routing tables to include the 
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default route because it is inherent (updating routing table is inherent in NAT) with 
Basso and RFC 2663, to provide for transparent routing. RFC 2663, Section 2.2. 

6. Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
and RFC 2663 as applied to claim 7 above, and further in view of RFC 2547 
(BGP/MPLS VPNs). 

With regard to claim 8, the combination of Basso and RFC 2663 disclose the 
method as recited in claim 7. However, the combination fails to explicitly show the 
network device in the public network provides one or more services to each of the 
virtual private networks. 

RFC 2547 discloses the network device (service provider) in the public network 
(enterprise network) provides one or more services (IP backbone services) to each 
of the virtual private networks (VPNs) ("a Service Provider with an IP backbone may 
provide VPNs ... to support the outsourcing of IP backbone services for 
enterprise networks Abstract). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine the network device in the public network provides one or more 
services to each of the virtual private networks as taught in RFC 2547 with Basso and 
RFC 2663, to provide services to VPNs. 
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7. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
in view of Ferguson et al. (U.S. Pat No. 7,227,867). 

With regard to claim 10, Basso discloses NAT translation comprising: 

maintaining a plurality of routing tables (a plurality of routing tables, para. 
[0028]; see also 204 in Fig. 2), each of the plurality of routing tables being associated 
with a different one of a plurality of virtual private networks (a routing table is 
associated with a VPN, para. [0028]); 

receiving a packet (data packet 210 in Fig. 2, para. [0025]), the packet 
including an IP source address (the network layer address, para. [0025], must be 
part of an IP source address in an MPLS system, para. [0022]) and an IP destination 
address (IP destination address of the packet, para. [0025]), the packet further 
including information (Table ID 606 [of an entry of a VRF table] identifies the routing 
table, para. [0029], see also Fig. 6A) indicating one of the plurality of routing tables to 
route the packet; 

performing NAT on the packet (two lookups, para. [0025]); 

identifying one of the plurality of routing tables to route the packet (Table ID 606 
identifies the routing table 504, para. [0029], see also Fig. 6A); 

identifying an entry (outer label 612 in routing table 504, para. [0030]) in the 
one of the plurality of routing tables using the IP destination address (the IP 
destination address is used to matched with an entry in a VRF table, para. [0025] 
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and in turn, the Table ID of the entry is used to identify an entry/outer label in a 
routing table); 

routing the packet (tunnel the data packet) using the identified routing table 
entry (outer label) (outer label is used to tunnel the data packet across the LSP, 
para. [0030]); and 

identifying the one of the plurality of routing tables (Table ID 606 identifies the 
routing table 504, para. [0029], see also Fig. 6A) associated with the virtual private 
network (a routing table is associated with a VPN, para. [0028]). 

However, Basso fails to explicitly show the packet includes an MPLS tag indicating a 
virtual private network. 

Ferguson discloses an MPLS tag (tag) indicating a virtual private network (VPN) 
(tag 420 may represent a VPN, col. 8, line 56). 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to include an MPLS tag indicating a VPN as taught in Ferguson with 
Basso to provide for next how information associated with the particular VPN. 
Ferguson, col. 8, lines 58-59. 

8. Claim 16 is rejected under 35 U.S.C. 103(a) as being unpatentable over Basso 
and RFC 2663, and further in view of Kubota et al. (US 2003/0142669). 
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With regard to claim 16, the combination of Basso and RFC 2663 discloses the 
method as recited in claim 14. However, Basso fails to explicitly show each entry in the 
routing table includes a VPN identifier identifying the corresponding virtual private 
network. 

Kubota discloses each entry (rows in a routing table) in the routing table (VPN 
routing table 81 in Fig. 8, para. [0099]) includes VPN identifier (VPN column in Fig. 

8. para. [0099]) identifying the corresponding virtual private network. 

At the time of the invention, it would have been obvious to a person of ordinary 
skill in the art to combine each entry in the routing table includes a VPN identifier 
identifying the corresponding virtual private network as taught in Kubota in Basso and 
RFC 2663 to provide for switching and routing at an edge node. Kubota, Fig. 6. 

Allowable Subject Matter 

9. Claims 12 and 13 are allowed. 

10. Claims 11,18-20 are objected to as being dependent upon a rejected base claim, 
but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 

11. The following is a statement of reasons for the indication of allowable subject 
matter: 

With regard to claim 12, the prior art of record fails to anticipate or make obvious 
"an entry in a translation table including the IP source address, the IP destination 
address, and a virtual private network identifier identifying the virtual private network." 
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Conclusion 



12. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Blanche Wong whose telephone number is 571-272- 
3177. The examiner can normally be reached on Monday through Friday, 830am to 
530pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on 571-272-7884. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




BW 

August 28, 2007 



EDAN 4l ORGAD 
SUPERVISORY PATENT EXAMINER 




